Make vpnc-script mandatory.

Things won't work without it, and it will also help to make sure packagers
notice that it's needed.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

configure.ac

@@ -15,6 +15,36 @@ AC_PREREQ([2.59c], [], [AC_SUBST([htmldir], [m4_ifset([AC_PACKAGE_TARNAME],
 
 AC_PREREQ([2.60], [], [AC_SUBST([localedir], ['$(datadir)/locale'])])
 
+AC_ARG_WITH([vpnc-script],
+	[AS_HELP_STRING([--with-vpnc-script],
+	  [default location of vpnc-script helper])])
+
+if test "$with_vpnc_script" = "yes" || test "$with_vpnc_script" = ""; then
+   with_vpnc_script=/etc/vpnc/vpnc-script
+   if ! test -x "$with_vpnc_script"; then
+      AC_MSG_ERROR([${with_vpnc_script} does not seem to be executable.]
+    [OpenConnect will not function correctly without a vpnc-script.]
+    [See http://www.infradead.org/openconnect/vpnc-script.html for more details.]
+    []
+    [If you are building a distribution package, please ensure that your]
+    [packaging is correct, and that a vpnc-script will be installed when the]
+    [user installs your package. You should provide a --with-vpnc-script=]
+    [argument to this configure script, giving the full path where the script]
+    [will be installed.]
+    []
+    [The standard location is ${with_vpnc_script}. To bypass this error and]
+    [build OpenConnect to use the script from this location, even though it's]
+    [not present at the time you are building OpenConnect, pass the argument]
+    ["--with-vpnc-script=${with_vpnc_script}"])
+  fi
+elif test "$with_vpnc_script" = "no"; then
+   AC_ERROR([You cannot disable vpnc-script.]
+   [OpenConnect will not function correctly without it.]
+   [See http://www.infradead.org/openconnect/vpnc-script.html])
+fi
+
+AC_DEFINE_UNQUOTED(DEFAULT_VPNCSCRIPT, "${with_vpnc_script}")
+
 AC_ARG_ENABLE([nls],
 	[ --disable-nls           do not use Native Language Support],
 	[USE_NLS=$enableval], [USE_NLS=yes])

main.c

@@ -189,6 +189,7 @@ static void usage(void)
 	printf("  -q, --quiet                     %s\n", _("Less output"));
 	printf("  -Q, --queue-len=LEN             %s\n", _("Set packet queue limit to LEN pkts"));
 	printf("  -s, --script=SCRIPT             %s\n", _("Shell command line for using a vpnc-compatible config script"));
+	printf("                                  %s: \"%s\"\n", _("default"), DEFAULT_VPNCSCRIPT);
 	printf("  -S, --script-tun                %s\n", _("Pass traffic to 'script' program, not tun"));
 	printf("  -u, --user=NAME                 %s\n", _("Set login username"));
 	printf("  -V, --version                   %s\n", _("Report version number"));
@@ -289,6 +290,7 @@ int main(int argc, char **argv)
 	vpninfo->validate_peer_cert = validate_peer_cert;
 	vpninfo->cbdata = vpninfo;
 	vpninfo->cert_expire_warning = 60 * 86400;
+	vpninfo->vpnc_script = DEFAULT_VPNCSCRIPT;
 
 	if (!uname(&utsbuf))
 		vpninfo->localname = utsbuf.nodename;

openconnect-internal.h

@@ -167,7 +167,7 @@ struct openconnect_info {
 	unsigned char dtls_secret[48];
 
 	char *dtls_cipher;
-	char *vpnc_script;
+	const char *vpnc_script;
 	int script_tun;
 	char *ifname;
 

openconnect.8

@@ -198,7 +198,9 @@ compatible with the
 .B vpnc\-script
 which is shipped with the "vpnc" VPN client. See
 .I http://www.infradead.org/openconnect/vpnc-script.html
-for more information.
+for more information. Unless OpenConnect was built in a non-standard way,
+the default is
+.B /etc/vpnc/vpnc-script
 .TP
 .B \-S,\-\-script\-tun
 Pass traffic to 'script' program over a UNIX socket, instead of to a kernel

www/changelog.xml

@@ -17,6 +17,7 @@
 <ul>
    <li><b>OpenConnect HEAD</b>
      <ul>
+       <li>Make <tt>vpnc-script</tt> mandatory, like it is for <tt>vpnc</tt></li>
        <li>Don't set Legacy IP address on tun device; let <tt>vpnc-script</tt> do it.</li>
        <li>Detect OpenSSL even without pkg-config.</li>
        <li>Stop building static library by default.</li>